[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Another round of viruses - encrypted this time



I heard about another spate of new viruses, several of which are hiding
themselves inside encrypted zip files.

Since in order to generate a new "signature", all they need to do is change the
password, this will be quite difficult to deal with if your policy requires you
to "let in" attachments. Or, commit a federal offense by violating the DMCA and
cracking the passwords on them. You decide. As if you needed another reason to
love John A$$croft and the misguided DMCA.

For those that haven't seen them, they come through in a message like this:

> Subject: Notify about your e-mail account utilization.
> 
> Dear user of yada yada,
> 
> We  warn you  about some attacks on your e-mail account. Your  computer may
> contain viruses,  in  order to  keep your computer and e-mail  account safe,
> please,  follow the instructions.
> 
> Pay attention  on attached file.
> 
> In order to  read the  attach  you have to use the following  password:
> 123456.
> 
> Have a good day,

Now that's not going to fool many folk here, but if the spelling and language
got a little "marketing flair", it could turn into a real problem.

Let's say it was an attached "statement" from your bank, and siad it was 
encrypted for your protection, and surrounded by pretty bank logos ...

If one of these viruses looked that authentic and came with an infected
attachment that you can't scan at the gateway...

Mike/

---------------------------------------------
http://www.valuenet.net



-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.